Merge pull request #36 from jdeathe/master

Release changes ready for centos-6-1.3.1

Author: jdeathe

Dockerfile

@@ -4,14 +4,15 @@
 # CentOS-6, Apache 2.2, PHP 5.3, PHP memcached 1.0, PHP APC 3.1, Composer
 # 
 # =============================================================================
-FROM jdeathe/centos-ssh-apache-php:centos-6-1.3.0
+FROM jdeathe/centos-ssh-apache-php:centos-6-1.3.1
 
 MAINTAINER James Deathe <james.deathe@gmail.com>
 
 # -----------------------------------------------------------------------------
 # FastCGI support
 # -----------------------------------------------------------------------------
-RUN yum --setopt=tsflags=nodocs -y install \
+RUN rpm --rebuilddb \
+	&& yum --setopt=tsflags=nodocs -y install \
 	fcgi-2.4.0-12.el6 \
 	mod_fcgid-2.3.9-1.el6 \
 	&& yum versionlock add \
@@ -24,14 +25,14 @@ RUN yum --setopt=tsflags=nodocs -y install \
 # Apache mime_magic module should be disabled with FastCGI
 # -----------------------------------------------------------------------------
 RUN sed -i \
-	-e 's~^LoadModule mime_magic_module modules/mod_mime_magic.so~#LoadModule mime_magic_module modules/mod_mime_magic.so~g' \
+	-e 's~^LoadModule mime_magic_module ~#LoadModule mime_magic_module ~g' \
 	/etc/httpd/conf/httpd.conf
 
 # -----------------------------------------------------------------------------
 # Enable the pathinfo fix
 # -----------------------------------------------------------------------------
 RUN sed -i \
-	-e 's~^;cgi.fix_pathinfo=1~cgi.fix_pathinfo = 1~g' \
+	-e 's~^;cgi.fix_pathinfo=1$~cgi.fix_pathinfo=1~g' \
 	/etc/php.ini
 
 # -----------------------------------------------------------------------------

README.md

@@ -2,6 +2,13 @@
 # Create a data container for the configuration volume: 
 #     docker run -v /config --name volume-config.<service-name> busybox /bin/true
 #
+# Optional configuration volume install: 
+#     mkdir -p /etc/services-config/<service-name>/{httpd,supervisor,ssl/{certs,private}}
+#     cp <container-path>/etc/services-config/supervisor/supervisord.conf /etc/services-config/<service-name>/supervisor/supervisord.conf
+#     cp <container-path>/etc/services-config/httpd/conf/httpd.conf /etc/services-config/<service-name>/httpd/conf/httpd.conf
+#     cp <container-path>/etc/services-config/httpd/conf.d/php.conf /etc/services-config/<service-name>/httpd/conf.d/php.conf
+#     cp <container-path>/etc/services-config/httpd/conf.d/ssl.conf /etc/services-config/<service-name>/httpd/conf.d/ssl.conf
+#
 # To install: 
 #     sudo cp <container-path>/<service-name>@<port>.service /etc/systemd/system/
 #     sudo systemctl daemon-reload
@@ -13,69 +20,89 @@
 
 [Unit]
 Description=CentOS-6 / Apache / PHP (FastCGI) // app-1.1.1
-After=etcd.service
+After=etcd2.service
 After=docker.service
 Requires=docker.service
-Requires=etcd.service
+Requires=etcd2.service
 
 [Service]
 Restart=on-failure
 RestartSec=30
 TimeoutStartSec=1200
+Environment="MOUNT_PATH_CONFIG=/etc/services-config"
+Environment="MOUNT_PATH_DATA=/var/services-data"
+Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh-apache-php-fcgi"
+Environment="DOCKER_IMAGE_TAG=centos-6-1.3.1"
 
 # Create a data container for the configuration volume
 ExecStartPre=/bin/sudo /bin/bash -c \
-  "if [ ! \"busybox\" == \"$(/usr/bin/docker images | /bin/grep -e '^busybox[ ]\{1,\}' | /bin/grep -o 'busybox')\" ]; then \
-    if [ -f /var/services-packages/busybox.latest-1.0.0.tar.xz ]; then \
-      /usr/bin/xz -dc /var/services-packages/busybox.latest-1.0.0.tar.xz | /usr/bin/docker load; \
+  "if [[ busybox != $(/usr/bin/docker images | /bin/grep -e '^busybox[ ]\{1,\}' | /bin/grep -o 'busybox') ]]; then \
+    if [[ -f /var/services-packages/busybox.latest-1.0.0.tar.xz ]]; then \
+      /usr/bin/xz /var/services-packages/busybox.latest-1.0.0.tar.xz | /usr/bin/docker load; \
     else \
       /usr/bin/docker pull busybox:latest; \
     fi; \
   fi; \
-  if [ ! \"volume-config.%p\" == \"$(/usr/bin/docker ps -a | /bin/grep -v -e \\\"volume-config.%p/.*,.*\\\" | /bin/grep -e '[ ]\{1,\}'volume-config.%p | /bin/grep -o volume-config.%p)\" ]; then \
-    /usr/bin/docker run \
-      --name volume-config.%p \
-      -v /etc/services-config/ssh.pool-1/ssh:/etc/services-config/ssh \
-      -v /etc/services-config/%p/supervisor:/etc/services-config/supervisor \
-      -v /etc/services-config/%p/httpd:/etc/services-config/httpd \
-      -v /etc/services-config/%p/ssl/certs:/etc/services-config/ssl/certs \
-      -v /etc/services-config/%p/ssl/private:/etc/services-config/ssl/private \
-      busybox:latest \
-      /bin/true; \
+  if [[ -n $(/usr/bin/find ${MOUNT_PATH_CONFIG}/%p/supervisor -maxdepth 1 -type f) ]] && [[ -n $(/usr/bin/find ${MOUNT_PATH_CONFIG}/%p/httpd -maxdepth 1 -type f) ]]; then \
+    if [[ volume-config.%p != $(/usr/bin/docker ps -a | /bin/awk -v pattern='^volume-config.%p$' '$NF ~ pattern { print $NF; }') ]]; then \
+      /usr/bin/docker run \
+        --name volume-config.%p \
+        -v ${MOUNT_PATH_CONFIG}/ssh.pool-1/ssh:/etc/services-config/ssh \
+        -v ${MOUNT_PATH_CONFIG}/%p/supervisor:/etc/services-config/supervisor \
+        -v ${MOUNT_PATH_CONFIG}/%p/httpd:/etc/services-config/httpd \
+        -v ${MOUNT_PATH_CONFIG}/%p/ssl/certs:/etc/services-config/ssl/certs \
+        -v ${MOUNT_PATH_CONFIG}/%p/ssl/private:/etc/services-config/ssl/private \
+        busybox:latest \
+        /bin/true; \
+    fi; \
   fi"
 
 # Initialisation: Pull or build image if required
 ExecStartPre=/bin/sudo /bin/bash -c \
-  "if [ ! \"jdeathe/centos-ssh-apache-php-fcgi\" == \"$(/usr/bin/docker images | /bin/grep -e '^jdeathe/centos-ssh-apache-php-fcgi[ ]\{1,\}' | /bin/grep -o 'jdeathe/centos-ssh-apache-php-fcgi')\" ]; then \
-    if [ -f /var/services-packages/jdeathe/centos-ssh-apache-php-fcgi.centos-6-1.3.0.tar.xz ]; then \
-      /usr/bin/xz -dc /var/services-packages/jdeathe/centos-ssh-apache-php-fcgi.centos-6-1.3.0.tar.xz | /usr/bin/docker load; \
+  "if [[ ${DOCKER_IMAGE_NAME} != $(/usr/bin/docker images | /bin/grep -e \\\"^${DOCKER_IMAGE_NAME}[ ]\{1,\}\\\" | /bin/grep -o \\\"${DOCKER_IMAGE_NAME}\\\") ]]; then \
+    if [[ -f /var/services-packages/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \
+      /usr/bin/xz -dc /var/services-packages/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \
     else \
-      /usr/bin/docker pull jdeathe/centos-ssh-apache-php-fcgi:centos-6-1.3.0; \
+      /usr/bin/docker pull ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \
     fi; \
   fi"
 
 # Startup: Remove existing container (and stop if running) so it is re-created on startup but not removed on exit - to allow debugging if required
 ExecStart=/bin/sudo /bin/bash -c \
-  "if [ \"%p\" == \"$(/usr/bin/docker ps -a | /bin/grep -v -e \\\"%p/.*,.*\\\" | /bin/grep -e '[ ]\{1,\}'%p | /bin/grep -o %p)\" ]; then \
-    if [ \"%p\" == \"$(/usr/bin/docker ps | /bin/grep -v -e \\\"%p/.*,.*\\\" | /bin/grep -e '[ ]\{1,\}'%p | /bin/grep -o %p)\" ]; then \
+  "if [[ %p == $(/usr/bin/docker ps -a | /bin/awk -v pattern='^%p$' '$NF ~ pattern { print $NF; }') ]]; then \
+    if [[ %p == $(/usr/bin/docker ps | /bin/awk -v pattern='^%p$' '$NF ~ pattern { print $NF; }') ]]; then \
       /usr/bin/docker stop %p; \
     fi; \
     /usr/bin/docker rm %p; \
   fi; \
-  /usr/bin/docker run \
-    --privileged \
-    --name %p \
-    -p %i:80 \
-    -p 8580:8443 \
-    --env SERVICE_UNIT_INSTANCE=app-1 \
-    --env SERVICE_UNIT_LOCAL_ID=1 \
-    --env SERVICE_UNIT_INSTANCE=1 \
-    --env APACHE_SERVER_NAME=app-1.local \
-    --env APACHE_SERVER_ALIAS=app-1 \
-    --env DATE_TIMEZONE=UTC \
-    --volumes-from volume-config.%p \
-    -v /var/services-data/apache-php/app-1:/var/www/app \
-    jdeathe/centos-ssh-apache-php-fcgi:centos-6-1.3.0"
+  if [[ volume-config.%p == $(/usr/bin/docker ps -a | /bin/awk -v pattern='^volume-config.%p$' '$NF ~ pattern { print $NF; }') ]]; then \
+    /usr/bin/docker run \
+      --name %p \
+      -p %i:80 \
+      -p 8580:8443 \
+      --env SERVICE_UNIT_INSTANCE=app-1 \
+      --env SERVICE_UNIT_LOCAL_ID=1 \
+      --env SERVICE_UNIT_INSTANCE=1 \
+      --env APACHE_SERVER_NAME=app-1.local \
+      --env APACHE_SERVER_ALIAS=app-1 \
+      --env DATE_TIMEZONE=UTC \
+      --volumes-from volume-config.%p \
+      -v ${MOUNT_PATH_DATA}/apache-php/app-1:/var/www/app \
+      ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \
+  else \
+    /usr/bin/docker run \
+      --name %p \
+      -p %i:80 \
+      -p 8580:8443 \
+      --env SERVICE_UNIT_INSTANCE=app-1 \
+      --env SERVICE_UNIT_LOCAL_ID=1 \
+      --env SERVICE_UNIT_INSTANCE=1 \
+      --env APACHE_SERVER_NAME=app-1.local \
+      --env APACHE_SERVER_ALIAS=app-1 \
+      --env DATE_TIMEZONE=UTC \
+      -v ${MOUNT_PATH_DATA}/apache-php/app-1:/var/www/app \
+      ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \
+  fi"
 
 ExecStartPost=/usr/bin/etcdctl set /services/apache-php/app-1/1.1 %H:%i
 

apache-php.app-1.1.1@8080.service

@@ -1,12 +1,12 @@
 #!/usr/bin/env bash
 
 # Change working directory
-DIR_PATH="$( if [ "$( echo "${0%/*}" )" != "$( echo "${0}" )" ] ; then cd "$( echo "${0%/*}" )"; fi; pwd )"
-if [[ $DIR_PATH == */* ]] && [[ $DIR_PATH != "$( pwd )" ]] ; then
-	cd $DIR_PATH
+DIR_PATH="$( if [[ $( echo "${0%/*}" ) != $( echo "${0}" ) ]]; then cd "$( echo "${0%/*}" )"; fi; pwd )"
+if [[ ${DIR_PATH} == */* ]] && [[ ${DIR_PATH} != $( pwd ) ]]; then
+	cd ${DIR_PATH}
 fi
 
-NO_CACHE="$1"
+NO_CACHE=$1
 
 source build.conf
 
@@ -16,28 +16,27 @@ show_docker_image ()
 	local NAME_PARTS=(${NAME//:/ })
 
 	# Set 'latest' tag if no tag requested
-	if [ ${#NAME_PARTS[@]} == 1 ]; then
+	if [[ ${#NAME_PARTS[@]} == 1 ]]; then
 		NAME_PARTS[1]='latest'
 	fi
 
 	docker images | grep -e "^${NAME_PARTS[0]}[ ]\{1,\}${NAME_PARTS[1]}"
 }
 
-echo Building ${DOCKER_IMAGE_REPOSITORY_NAME}...
+echo "Building ${DOCKER_IMAGE_REPOSITORY_NAME}"
 
 # Allow cache to be bypassed
-if [ "$NO_CACHE" == "true" ]; then
+if [[ ${NO_CACHE} == "true" ]]; then
 	echo " ---> Skipping cache"
 else
 	NO_CACHE="false"
 fi
 
 # Build from working directory
-docker build --no-cache=$NO_CACHE -t ${DOCKER_IMAGE_REPOSITORY_NAME} .
-
+docker build --no-cache=${NO_CACHE} -t ${DOCKER_IMAGE_REPOSITORY_NAME} .
 
 # Display the last docker image
 echo "Docker image:"
 show_docker_image ${DOCKER_IMAGE_REPOSITORY_NAME}
 
-echo " ---> Build complete"
+echo " ---> Build complete"

build.sh

@@ -7,35 +7,42 @@ get_password ()
 	echo $(head -n 4096 /dev/urandom | tr -cd '[:alnum:]' | head -c ${1})
 }
 
+APP_HOME_DIR_TEMPLATE="/var/www/.app-skel"
+
+OPTS_APACHE_SERVER_NAME="${APACHE_SERVER_NAME:-$(hostname)}"
+OPTS_APACHE_MOD_SSL_ENABLED="${APACHE_MOD_SSL_ENABLED:-false}"
+OPTS_APACHE_LOAD_MODULES="${APACHE_LOAD_MODULES:-authz_user_module log_config_module expires_module deflate_module headers_module setenvif_module mime_module status_module dir_module alias_module reqtimeout_module}"
+OPTS_APP_HOME_DIR="${APP_HOME_DIR:-/var/www/app}"
 OPTS_SERVICE_USER="${SERVICE_USER:-app}"
 OPTS_SERVICE_USER_GROUP="${SERVICE_USER_GROUP:-app-www}"
-OPTS_SERVICE_USER_PASSWORD="${SERVICE_USER_PASSWORD:-$(get_password 8)}"
 OPTS_SERVICE_USER_GROUP_PASSWORD="${SERVICE_USER_GROUP_PASSWORD:-$(get_password 8)}"
+OPTS_SERVICE_USER_PASSWORD="${SERVICE_USER_PASSWORD:-$(get_password 8)}"
 OPTS_SUEXECUSERGROUP="${SUEXECUSERGROUP:-false}"
 
-OPTS_APACHE_SERVER_NAME="${APACHE_SERVER_NAME:-$(hostname)}"
-OPTS_APACHE_MOD_SSL_ENABLED="${APACHE_MOD_SSL_ENABLED:-false}"
-
-if [[ ! -d ${APP_HOME_DIR} ]] && [[ -d ${APP_HOME_DIR_TEMPLATE} ]]; then
-	echo Recreate the ${APP_HOME_DIR} directory...
-	mkdir -p ${APP_HOME_DIR}
+if [[ ! -d ${OPTS_APP_HOME_DIR} ]] && [[ -d ${OPTS_APP_HOME_DIR_TEMPLATE} ]]; then
+	echo "Recreate the ${OPTS_APP_HOME_DIR} directory."
+	mkdir -p ${OPTS_APP_HOME_DIR}
 fi
 
-if [[ ! -n $(find ${APP_HOME_DIR} -maxdepth 1 -type f) ]] && [[ -d ${APP_HOME_DIR_TEMPLATE} ]]; then
-	echo Home directory ${APP_HOME_DIR} exists but is empty - populate it using ${APP_HOME_DIR_TEMPLATE}...
-	cp -rf ${APP_HOME_DIR_TEMPLATE}/. ${APP_HOME_DIR}/
+if [[ -z $(find ${OPTS_APP_HOME_DIR} -maxdepth 1 -type f) ]] && [[ -d ${APP_HOME_DIR_TEMPLATE} ]]; then
+	echo "Home directory ${OPTS_APP_HOME_DIR} is empty - populate it using ${APP_HOME_DIR_TEMPLATE}."
+	cp -rf ${APP_HOME_DIR_TEMPLATE}/. ${OPTS_APP_HOME_DIR}/
 fi
 
 # Document root directory is required
-if [[ ! -d ${APP_HOME_DIR}/public_html ]]; then
-	echo ERROR: ${APP_HOME_DIR}/public_html not found.
+if [[ ! -d ${OPTS_APP_HOME_DIR}/public_html ]]; then
+	echo "ERROR: ${OPTS_APP_HOME_DIR}/public_html not found."
 	exit 1
 fi
 
+if [[ ${OPTS_APP_HOME_DIR} != /var/www/app ]]; then
+	unlink /home/app && ln -s ${OPTS_APP_HOME_DIR} /home/app
+fi
+
 # If users need to change the vhost.conf the SSL version can be rebuilt if it is deleted
-if [[ ${OPTS_APACHE_MOD_SSL_ENABLED} == "true" ]] && [[ ! -f ${APP_HOME_DIR}/vhost-ssl.conf ]] && [[ -f ${APP_HOME_DIR}/vhost.conf ]]; then
-	echo Rebuilding the SSL VirtualHost configuration...
-	cp -pf ${APP_HOME_DIR}/vhost.conf ${APP_HOME_DIR}/vhost-ssl.conf
+if [[ ${OPTS_APACHE_MOD_SSL_ENABLED} == "true" ]] && [[ ! -f ${OPTS_APP_HOME_DIR}/vhost-ssl.conf ]] && [[ -f ${OPTS_APP_HOME_DIR}/vhost.conf ]]; then
+	echo "Rebuilding the SSL VirtualHost configuration."
+	cp -pf ${OPTS_APP_HOME_DIR}/vhost.conf ${OPTS_APP_HOME_DIR}/vhost-ssl.conf
 
 	# Enable the SSL VirtualHosts configuration
 	sed -i \
@@ -47,70 +54,78 @@ if [[ ${OPTS_APACHE_MOD_SSL_ENABLED} == "true" ]] && [[ ! -f ${APP_HOME_DIR}/vho
 		-e 's~#SSLCipherSuite \(.*\)$~SSLCipherSuite \1~g' \
 		-e 's~#SSLCertificateFile \(.*\)$~SSLCertificateFile \1~g' \
 		-e 's~#SSLCertificateKeyFile \(.*\)$~SSLCertificateKeyFile \1~g' \
-		${APP_HOME_DIR}/vhost-ssl.conf
+		${OPTS_APP_HOME_DIR}/vhost-ssl.conf
 fi
 
 # Enable/Disable SSL support
-if [[ ${OPTS_APACHE_MOD_SSL_ENABLED} == "true" ]]; then
-	echo Enabling SSL support...
+if [[ ${OPTS_APACHE_MOD_SSL_ENABLED} == true ]]; then
+	echo "Enabling SSL support."
 	cat /etc/httpd/conf.d/ssl.conf.off > /etc/httpd/conf.d/ssl.conf
 
 	sed -i \
 		-e 's~^#NameVirtualHost \*:443$~NameVirtualHost \*:443~g' \
-		-e 's~^#Include ${APP_HOME_DIR}/vhost-ssl.conf$~Include ${APP_HOME_DIR}/vhost-ssl.conf~g' \
+		-e 's~^#Include ${OPTS_APP_HOME_DIR}/vhost-ssl.conf$~Include ${OPTS_APP_HOME_DIR}/vhost-ssl.conf~g' \
 		/etc/httpd/conf/httpd.conf
 
 	if [[ ! -f /etc/services-config/ssl/private/localhost.key ]] || [[ ! -f /etc/services-config/ssl/certs/localhost.crt ]]; then
-		echo Generating new certificate...
-		openssl req -x509 -nodes -newkey rsa:4096 \
-		-days 365 \
-		-subj "/C=--/ST=STATE/L=LOCALITY/O=ORGANIZATION/CN=${OPTS_APACHE_SERVER_NAME}" \
-		-keyout /etc/services-config/ssl/private/localhost.key \
-		-out /etc/services-config/ssl/certs/localhost.crt
+		echo "Generating new certificate."
+		openssl req \
+			-x509 \
+			-nodes \
+			-newkey rsa:4096 \
+			-days 365 \
+			-subj "/C=--/ST=STATE/L=LOCALITY/O=ORGANIZATION/CN=${OPTS_APACHE_SERVER_NAME}" \
+			-keyout /etc/services-config/ssl/private/localhost.key \
+			-out /etc/services-config/ssl/certs/localhost.crt
 	fi
 
 	openssl x509 -in /etc/services-config/ssl/certs/localhost.crt -text
 else
-	echo Disabling SSL support...
+	echo "Disabling SSL support."
 	> /etc/httpd/conf.d/ssl.conf
 
 	sed -i \
 		-e 's~^NameVirtualHost \*:443$~#NameVirtualHost \*:443~g' \
-		-e 's~^Include ${APP_HOME_DIR}/vhost-ssl.conf$~#Include ${APP_HOME_DIR}/vhost-ssl.conf~g' \
+		-e 's~^Include ${OPTS_APP_HOME_DIR}/vhost-ssl.conf$~#Include ${OPTS_APP_HOME_DIR}/vhost-ssl.conf~g' \
 		/etc/httpd/conf/httpd.conf
 fi
 
 # Set the service user / service group user
-if getent passwd app && [[ ${OPTS_SERVICE_USER} != "app" ]]; then
+if getent passwd app && [[ ${OPTS_SERVICE_USER} != app ]]; then
 	usermod -l ${OPTS_SERVICE_USER} app
 fi
 
-if getent passwd app-www && [[ ${OPTS_SERVICE_USER_GROUP} != "app-www" ]]; then
+if getent passwd app-www && [[ ${OPTS_SERVICE_USER_GROUP} != app-www ]]; then
 	usermod -l ${OPTS_SERVICE_USER_GROUP} app-www
 fi
 
 # Set the Apache (run) service user/group
-if [[ ${OPTS_SUEXECUSERGROUP} == "true" ]]; then
-	sed -i -e "s~^User .*$~User ${OPTS_SERVICE_USER_GROUP}~g" \
-		-e "s~^Group .*$~Group ${OPTS_SERVICE_USER_GROUP}~g" /etc/httpd/conf/httpd.conf
-	sed -i -e 's~#SuexecUserGroup \(.*\)$~SuexecUserGroup \1~g' ${APP_HOME_DIR}/vhost.conf
-	sed -i -e 's~#SuexecUserGroup \(.*\)$~SuexecUserGroup \1~g' ${APP_HOME_DIR}/vhost-ssl.conf
+if [[ ${OPTS_SUEXECUSERGROUP} == true ]]; then
+	sed -i \
+		-e "s~^User .*$~User ${OPTS_SERVICE_USER_GROUP}~g" \
+		-e "s~^Group .*$~Group ${OPTS_SERVICE_USER_GROUP}~g" \
+		/etc/httpd/conf/httpd.conf
+	sed -i \
+		-e 's~#SuexecUserGroup \(.*\)$~SuexecUserGroup \1~g' \
+		-e 's~app/bin/php-wrapper~app-bin/php-wrapper~g' \
+		${OPTS_APP_HOME_DIR}/vhost.conf \
+		${OPTS_APP_HOME_DIR}/vhost-ssl.conf
 	chown -R 502:502 /var/{www/app-bin,run/mod_fcgid}
 else
-	sed -i -e "s~^User .*$~User apache~g" \
-		-e "s~^Group .*$~Group apache~g" /etc/httpd/conf/httpd.conf
-	sed -i -e 's~\([^#]\)SuexecUserGroup \(.*\)$~\1#SuexecUserGroup \2~g' ${APP_HOME_DIR}/vhost.conf
-	sed -i -e 's~\([^#]\)SuexecUserGroup \(.*\)$~\1#SuexecUserGroup \2~g' ${APP_HOME_DIR}/vhost-ssl.conf
+	sed -i \
+		-e "s~^User .*$~User apache~g" \
+		-e "s~^Group .*$~Group apache~g" \
+		/etc/httpd/conf/httpd.conf
+	sed -i \
+		-e 's~\([^#]\)SuexecUserGroup \(.*\)$~\1#SuexecUserGroup \2~g' \
+		-e 's~app/bin/php-wrapper~app-bin/php-wrapper~g' \
+		${OPTS_APP_HOME_DIR}/vhost.conf \
+		${OPTS_APP_HOME_DIR}/vhost-ssl.conf
 	chown -R apache:apache /var/{www/app-bin,run/mod_fcgid}
 fi
 
-# Update any existing instances of php-wrapper path in the Virtual Host
-sed -i -e 's~app/bin/php-wrapper~app-bin/php-wrapper~g' ${APP_HOME_DIR}/vhost.conf
-sed -i -e 's~app/bin/php-wrapper~app-bin/php-wrapper~g' ${APP_HOME_DIR}/vhost-ssl.conf
-
-echo Loading Apache modules...
-for MODULE in ${APACHE_LOAD_MODULES}
-do
+echo "Loading Apache modules."
+for MODULE in ${APACHE_LOAD_MODULES}; do
 	echo " - ${MODULE}"
 	sed -i \
 		-e "s~^#LoadModule ${MODULE} ~LoadModule ${MODULE} ~g" \